Total
17830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1509 | 1 Xlportal | 1 Xlportal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in XLPortal 2.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the query parameter. | |||||
| CVE-2009-4238 | 1 Teamst | 1 Testlink | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php. | |||||
| CVE-2009-3356 | 1 Plohni | 1 Image Voting | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter. | |||||
| CVE-2007-6080 | 1 Bcoos | 1 Bcoos | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allows remote attackers to execute arbitrary SQL commands via the bid parameter. NOTE: it was later reported that 1.0.13 is also affected. | |||||
| CVE-2008-6350 | 1 Turnkeyforms | 1 Local Classifieds | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter. | |||||
| CVE-2008-0771 | 1 Site2nite | 1 Real Estate Web | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4705 | 1 Phponlinedatingsoftware | 1 Myphpdating | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in success_story.php in php Online Dating Software MyPHPDating allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-3321 | 1 Saphplesson | 1 Saphplesson | 2025-04-09 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header. | |||||
| CVE-2007-5189 | 1 X-script | 1 Guestbook | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) icq, and (4) website parameters. | |||||
| CVE-2008-0499 | 1 Mamboxchange | 1 Laithai | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-2310 | 1 Bow Der Kleine | 1 X-blc | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | |||||
| CVE-2009-2616 | 1 Datachecknh | 1 Sitepal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2009-3215 | 2 Joomla, Php-shop-system | 2 Joomla, Ixxo Cart | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | |||||
| CVE-2008-5921 | 1 Umerinc | 1 Songs Portal | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2234 | 1 Vicidial | 1 Call Center Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin.php in VICIDIAL Call Center Suite 2.0.5-173 allow remote attackers to execute arbitrary SQL commands via the (1) Username parameter ($PHP_AUTH_USER) and (2) Password parameter ($PHP_AUTH_PW). | |||||
| CVE-2008-0504 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php. | |||||
| CVE-2008-4205 | 1 Attachmax | 1 Dolphin | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a Search action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6663 | 2 Joomla, Pragmatic Utopia | 2 Joomla, Pu Arcade | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php. | |||||
| CVE-2009-3644 | 2 Joomla, Soundset | 2 Joomla\!, Com Soundset | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php. | |||||